pass-docker/docker-compose.yml at main · springstim/pass-docker · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
version: '3.1'

services:

  fcrepo:
    build:
      context: ./fcrepo/4.7.5
    image: oapass/fcrepo:0.1.0@sha256:56730754843aec0a3d48bfcefd13d72f1bb34708aea9b47d2280d2da61a1eb54
    container_name: fcrepo
    env_file: .env
    ports:
      - "${FCREPO_PORT}:${FCREPO_PORT}"
      - "${FCREPO_DEBUG_PORT}:${FCREPO_DEBUG_PORT}"
    networks:
      - front
      - back
    volumes:
      - passdata:/data
    depends_on:
      - assets
      - activemq

  activemq:
    build:
      context: ./activemq
    image: oapass/activemq:0.1.0@sha256:370189e32b1d34374a0ad15619f356f8d089e7c9000a79fc2de4e078cc23228c
    container_name: activemq
    env_file: .env
    ports:
      - "${ACTIVEMQ_JMS_PORT}:${ACTIVEMQ_JMS_PORT}"
      - "${ACTIVEMQ_STOMP_PORT}:${ACTIVEMQ_STOMP_PORT}"
      - "${ACTIVEMQ_WEBCONSOLE_PORT}:${ACTIVEMQ_WEBCONSOLE_PORT}"
    networks:
      - front
      - back

  ember:
    build:
      context: ./ember
      args:
        EMBER_GIT_REPO: "${EMBER_GIT_REPO}"
        EMBER_GIT_BRANCH: "${EMBER_GIT_BRANCH}"
        POLICY_SERVICE_URL: "${POLICY_SERVICE_URL}"
        USER_SERVICE_URL: "${USER_SERVICE_URL}"
        DOI_SERVICE_URL: "${DOI_SERVICE_URL}"
        METADATA_SCHEMA_URI: "${METADATA_SCHEMA_URI}"
        MANUSCRIPT_SERVICE_LOOKUP_URL: "${MANUSCRIPT_SERVICE_LOOKUP_URL}"
        MANUSCRIPT_SERVICE_DOWNLOAD_URL: "${MANUSCRIPT_SERVICE_DOWNLOAD_URL}"
    image: oapass/ember:0.1.0@sha256:94c04b860dacbc0a4bcb060e944b099d19dd7564b82de802ba288f0ee95ce213
    container_name: ember
    env_file: .env
    networks:
      - back

  static-html:
    build:
      context: ./static-html
      args:
        STATIC_HTML_GIT_REPO: "${STATIC_HTML_GIT_REPO}"
        STATIC_HTML_GIT_BRANCH: "${STATIC_HTML_GIT_BRANCH}"
    image: oapass/static-html:0.1.0@sha256:196a14bce65963e2d3903a6e14c4088b51b5744bbaf89c6cbc201667fdccb658
    container_name: static-html
    env_file: .env
    ports:
      - "${STATIC_HTML_PORT}:${STATIC_HTML_PORT}"
    networks:
      - back
      - front

  ftpserver:
    build: ./ftpserver
    image: oapass/ftpserver:0.1.0@sha256:f095b1944aca9c7dd8f68641f682dcba36a0d779b3ba8cb79475a84e4632ab57
    container_name: ftpserver
    env_file: .env
    ports:
      - "${FTP_PORT}:${FTP_PORT}"
      - "30000-30010:30000-30010"
    networks:
      - front
      - back

  proxy:
    build: ./httpd-proxy/
    image: oapass/httpd-proxy:0.1.0@sha256:ef5fa38fdf4ba14ed4edd27282d95377946eb25abde3fc97dc817324d200f5a8
    container_name: proxy
    networks:
     - front
     - back
    ports:
     - "80:80"
     - "443:443"

  idp:
    build:
      context: ./idp
      args:
        TENANT: jhu
    image: oapass/idp:0.1.0@sha256:6028785e1f6b4e35f7d21f9fd4fd11127d628a1e3aef54665a3d53145045d065
    container_name: idp
    depends_on:
     - ldap
    environment:
     - JETTY_MAX_HEAP=64m
     - JETTY_BROWSER_SSL_KEYSTORE_PASSWORD=password
     - JETTY_BACKCHANNEL_SSL_KEYSTORE_PASSWORD=password
    expose:
     - "4443"
    networks:
     - back
    secrets:
     - source: idp_backchannel
     - source: idp_browser
     - source: idp_encryption
     - source: idp_signing
     - source: idp_sealer

  ldap:
    build:
      context: ./ldap
      args:
        TENANT: jhu
    image: oapass/ldap:0.1.0@sha256:059f4b287a8a1e8381afeca0e3e13b0255ccf2d93d50d8b318fc8d9826f5d5e5
    container_name: ldap
    networks:
     - back

  sp:
    build: ./sp/2.6.1
    image: oapass/sp:0.1.0@sha256:3fbdc2d8e7d5e42eda947ead953b78934d7621441a10533261d11b49eea144d7
    container_name: sp
    networks:
     - back
    secrets:
     - source: sp_key

  dspace:
    build: ./dspace/6.2
    image: oapass/dspace:0.1.0@sha256:ffb21fc796f0ff0149fe89958c0cc425826325b96b2b8336522b9028e44876c9
    container_name: dspace
    env_file: .env
    ports:
      - "${DSPACE_PORT}:${DSPACE_PORT}"
    networks:
      back:
        aliases:
          - pass

  postgres:
    build: ./postgres/10.3
    image: oapass/postgres:0.1.0@sha256:ace6225676b8da663fb3eff8de7b0d21ff5fec564875b108580fb16e31573711
    container_name: postgres
    env_file: .env
    ports:
      - "${POSTGRES_DB_PORT}:${POSTGRES_DB_PORT}"
    networks:
      - back

  indexer:
    build: ./indexer
    image: oapass/indexer:0.1.0@sha256:48364e4341ff476a92d31cd391158d832f6ba01e66fa50c79f67d3595930289b
    container_name: indexer
    env_file: .env
    networks:
      - back

  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.2.3@sha256:ccfad77c0731c010e6ff8c43b4ab50f5ce90c0fa4e65846530779c5c6707c20a
    container_name: elasticsearch
    env_file: .env
    environment:
      - discovery.type=single-node
      - bootstrap.memory_lock=true
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    volumes:
      - passdata:/usr/share/elasticsearch/data
    ports:
      - "${ES_PORT}:${ES_PORT}"
    networks:
      - front
      - back
    depends_on:
      - assets

  assets:
    image: oapass/assets:0.1.0@sha256:f3936f9708acf0c0dfc8088b651438a48a56474a784aef8f473292cfff8f73a2
    build: ./assets
    volumes:
      - passdata:/data

  #bootstrap:
  #  image: oapass/bootstrap
  #  build: ./bootstrap
  #  container_name: bootstrap
  #  networks:
  #    - back

  deposit:
    build:
      context: ./deposit-services
      args:
        # The providers image is released by the github.com/oa-pass/jhu-package-providers repository
        PROVIDERS_IMAGE: oapass/deposit-services-providers:0.1.0@sha256:1493014d0f2d90d5ca93a4b2abe2fbbecf8af06f9997f0a0f12d521d41b27afe
    image: oapass/deposit-pass-docker:0.1.0@sha256:ed8178788a8fe73cb2f72a38255104e0595ea8760f91573f2b56499e4ac0e82f
    container_name: deposit
    env_file: .env
    environment:
      - PASS_DEPOSIT_REPOSITORY_CONFIGURATION=file:/repositories-jhu.json
    ports:
      - "${DEPOSIT_DEBUG_PORT}:5007"
    networks:
      - back
    links:
      - dspace:pass.local
# To override configuration, create a file named './repositories.json', edit to suit, and uncomment below
#    volumes:
#      - ./packagers.properties:/packagers.properties


  authz:
    build: ./authz
    image: oapass/authz:0.1.0@sha256:a691d3979f5e939f963d2d521f05399852b8b4dbdcb098c3e8070808e29c9da7
    container_name: authz
    env_file: .env
    networks:
      - back

  mail:
    image: oapass/docker-mailserver:0.1.0@sha256:5be8a080a8f7d70c3d8a315f2241ca49ea9051c9efbb940a9099cf64f2bf975d
    hostname: mail
    domainname: jhu.edu
    container_name: mail
    networks:
      - back
    ports:
      - "${MAIL_SMTP}:25"
      - "${MAIL_IMAPS}:993"
      - "${MAIL_MSP}:587"
    volumes:
      - maildata:/var/mail
      - mailstate:/var/mail-state
      - ./mail/config/:/tmp/docker-mailserver/
    env_file: .env
    depends_on:
      - ldap

  notification:
    build: notification-services
    image: oapass/notification-services:0.1.0@sha256:34c3fa003e1422c0028ec6319fd6de6bdeb89e86d6d743b99f1e4059b4cca610
    container_name: notification
    networks:
      - back
    ports:
      - "${NOTIFICATION_DEBUG_PORT}:5011"
    env_file: .env
    environment:
      - PASS_NOTIFICATION_CONFIGURATION=file:/notification.json

  schemaservice:
    image: oapass/schema-service:0.1.0@sha256:673104043615f4204c77ba89836e833270a6003641f862aacdf8a0aeab240c0f
    container_name: schemaservice
    env_file: .env
    ports:
      - "${SCHEMA_SERVICE_PORT}:${SCHEMA_SERVICE_PORT}"
    networks:
      - front
      - back

  policyservice:
    image: oapass/policy-service:0.1.0@sha256:7c31dabd7dbb3a09ca47f19efe6a1b2aa9cea66ffe21775279ca8189358d4bfa
    container_name: policyservice
    env_file: .env
    ports:
      - "${POLICY_SERVICE_PORT}:${POLICY_SERVICE_PORT}"
    networks:
      - front
      - back

  doiservice:
    image: oapass/doi-service:0.1.0@sha256:6b7ec4910216ba0c8368cb0f516c835132236d7626f6453000dd42dfa8b87281
    container_name: doiservice
    env_file: .env
    ports:
      - "${PASS_DOI_SERVICE_PORT}:8080"
    networks:
      - front
      - back

  downloadservice:
    image: oapass/download-service:0.1.0@sha256:1156fe0847d84f2c24399a19b0a91fd334c7016880d398fa536cb5217b14ea81
    container_name: downloadservice
    env_file: .env
    ports:
      - "${DOWNLOAD_SERVICE_PORT}:${DOWNLOAD_SERVICE_PORT}"
    networks:
      - front
      - back

volumes:
  passdata:
    driver: local
  mailstate:
    driver: local
  maildata:
    driver: local

networks:
  front:
    driver: bridge
  back:
    driver: bridge

secrets:
  idp_backchannel:
    file: ./secrets/idp/idp-backchannel.p12
  idp_browser:
    file: ./secrets/idp/idp-browser.p12
  idp_encryption:
    file: ./secrets/idp/idp-encryption.key
  idp_signing:
    file: ./secrets/idp/idp-signing.key
  idp_sealer:
    file: ./secrets/idp/sealer.jks
  sp_key:
    file: ./secrets/sp/sp-key.pem